Certified Information Security Manager (CISM) — Question 42

For an organization that is experiencing outages due to malicious code, which of the following is the BEST index of the effectiveness of countermeasures?

Answer options

• A. Number of virus infections detected
• B. Average recovery time per incident
• C. Amount of infection-related downtime
• D. Number of downtime-related help desk calls

Correct answer: C

Explanation

The best index for assessing the effectiveness of countermeasures is the amount of infection-related downtime, as it directly reflects the impact of malicious code on operations. While the number of detected virus infections and help desk calls provide insights into the problem, they do not necessarily indicate the overall effectiveness of the implemented countermeasures. Average recovery time is helpful but does not capture the full scope of operational impact like downtime does.